PUA.Gen.3

PUA.Gen.3

Updated:

29 April 2016

Risk Impact:

Low

Systems Affected:

Linux, Mac, Windows

Behavior

PUA.Gen.3 is a generic detection for many individual but varied Potentially Unwanted Applications for which specific definitions have not been created. A generic detection is used because it protects against many Potentially Unwanted Applications that share similar characteristics.

Antivirus Protection Dates

Initial Rapid Release version
10 December 2014 revision 034

Latest Rapid Release version
10 December 2014 revision 034

Initial Daily Certified version
11 December 2014 revision 003

Latest Daily Certified version
11 December 2014 revision 003

Initial Weekly Certified release date
07 January 2015

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

PUA.Gen.3 is a generic detection for many individual but varied Potentially Unwanted Applications for which specific definitions have not been created. A generic detection is used because it protects against many Potentially Unwanted Applications that share similar characteristics.

Windows removal
You may have arrived at this page either because you have been alerted by your Symantec product about this risk, or you are concerned that your computer has been affected by this risk.

Before proceeding further we recommend that you run a full system scan
. If that does not resolve the problem you can try one of the options available below.

FOR NORTON USERS
If you are a Norton product user, we recommend you try the following resources to remove this risk.

FOR BUSINESS USERS
If you are a Symantec business product user, we recommend you try the following resources to remove this risk.

Identifying and submitting suspect files
Submitting suspicious files to Symantec allows us to ensure that our protection capabilities keep up with the ever-changing threat landscape. Submitted files are analyzed by Symantec Security Response and, where necessary, updated definitions are immediately distributed through LiveUpdate™ to all Symantec end points. This ensures that other computers nearby are protected from attack. The following resources may help in identifying suspicious files for submission to Symantec.

2. Restoring settings in the registry
Many risks make modifications to the registry, which could impact the functionality or performance of the compromised computer. While many of these modifications can be restored through various Windows components, it may be necessary to edit the registry. See in the Technical Details of this writeup for information about which registry keys were created or modified. Delete registry subkeys and entries created by the risk and return all modified registry entries to their previous values.

Linux removalThe following instructions pertain to Symantec AntiVirus for Linux.

Update the virus definitions.

Run a full system scan.

1. To update the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:

Running LiveUpdate, which is the easiest way to obtain virus definitions. For Symantec AntiVirus for Linux, LiveUpdate definitions are updated daily.

Downloading the definitions using Intelligent Updater. The Intelligent Updater virus definitions are posted daily. You should download the definitions from the Symantec Security Response Web site and manually install them.

2. To run a full system scan
To run a full system scan in Linux, open a command line and type the following:

sav manualscan --scan /

If any files are detected, follow the instructions displayed by your antivirus program.

Macintosh removalThe following instructions pertain to all current and recent Symantec antivirus products for Macintosh.

Update the virus definitions.

Run a full system scan and repair or delete all the files detected.

For specific details on each of these steps, read the following instructions.

1. To update the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:

Running LiveUpdate, which is the easiest way to obtain virus definitions: These virus definitions are posted to the LiveUpdate servers once each week (usually on Wednesdays), unless there is a major virus outbreak. To determine whether definitions for this threat are available by LiveUpdate, refer to the Virus Definitions (LiveUpdate).

Downloading the definitions using the Intelligent Updater: The Intelligent Updater virus definitions are posted on U.S. business days (Monday through Friday). You should download the definitions from the Symantec Security Response website and manually install them. To determine whether definitions for this threat are available by the Intelligent Updater, refer to the Virus Definitions (Intelligent Updater).